This put ransomware on track to become a $1 billion crime in 2016 – a stat that was reported by countless news organizations, including CNN, NBC and the New York Times.

An online search for “ransomware statistics 2016” will direct you to that $1 billion figure every time. But this statistic only shows part of the picture. Ransomware is doing far greater damage to businesses.

When you factor in operational downtime after an attack, the increased staff resources needed to resolve the problem, and replacement of computer systems, ransomware is actually costing businesses more than $75 billion per year.

The bad news is: these numbers are only going to get worse in 2017 and beyond. But the good news is: technology providers are producing smarter, more effective solutions for combatting an attack.

A Closer Look: Ransomware Statistics 2016 – 2017

What were the most noteworthy Ransomware Statistics 2016, and what can we expect in the months ahead?

We’ve compiled a wide range of figures from across the industry, and the consensus is: ransomware isn’t going away any time soon. Take a look at these stats to see exactly where the trends are headed and how organizations have been impacted.

1) Ransomware emails spiked 6,000%

When you search “ransomware statistics 2016,” most stats focus on the trends of actual attacks – but what about the trend of attempts? Not surprisingly, those are skyrocketing, too.

A study by IBM Security found that the number of ransomware-infected emails increased 6,000 percent compared to 2015. Attackers are trying harder to infect users’ computers right through their inboxes. These emails generally have attachments disguised as invoices, statements, spreadsheets, faxes or personal notes.

2) 40% of all spam email had ransomware

The same IBM study found that almost 40 percent of all spam messages in 2016 contained ransomware. That’s nearly one out of every two spam emails infected with a ransomware virus that, if executed, could encrypt all data on the computer in a matter of seconds – as well as data on any shared drives or other computers on the network.

3) 59% of infections came from email

A 2016 study by Osterman Research found that email was by far the top delivery method for ransomware, accounting for 59 percent of infections.

31 percent of infections came via a link in an email that directed the user to a malicious website, while 28 percent came through an email attachment. Another 24 percent came through websites unassociated with an email. The remaining 17 percent of infections came from social media, storage drives, business applications, or the organizations simply weren’t sure how the ransomware got there.

4) 92% of surveyed IT firms reported attacks on their clients

In 2016, data-protection company Datto surveyed 1,100 IT firms about their experience with ransomware. A whopping 92 percent of those companies said they had clients who were attacked within the last year.

Nearly 40 percent said that those attacks happened more recently: within just the last six months.

5) Infections hit 56,000 in a single month

In 2015, the rate of ransomware infections fluctuated between 23,000 and 35,000 per month. These numbers ballooned to 56,000 in March 2016.

Cybersecurity leader Symantec attributed the spike to the arrival of Locky – a specific form of ransomware virus that is now the most common type of infection. Locky is typically hidden in Microsoft Word files and executed through the use of macros.

6) Attacks expected to double in 2017

2016 saw virtually four times as many ransomware attacks as in 2015, and these figures are projected to keep climbing. According to some estimates, the attacks will double in 2017.

The risk assessment experts at Beazley looked at nearly 2,000 separate data breeches across a wide range of companies. Their study concluded that, despite the staggering increase in attacks from 2015 to 2016, infections are projected to continue rising.

7) Healthcare and Financial Services were the hardest hit

According to the research by Osterman, ransomware attacks were most common in the financial services and healthcare industries.

In its report, Osterman wrote, “The fact that healthcare and financial services were the most vulnerable to ransomware attacks comes as no surprise. These industries are among the most dependent on access to their business-critical information, which makes them prime targets for ransomware-producing criminals.”

8) 70% of businesses paid the ransom

U.S. law enforcement agencies strongly advise against paying the ransom, but the decision is difficult for many businesses. In many cases, businesses determine it is easier and more cost-efficient to pay up than to find other ways to resolve the problem (especially if they don’t have an adequate data backup system in place). That is exactly the predicament that attackers want.

So, it’s no surprise that the study by IBM Security found that 70 percent of business victims paid the ransom in 2016. Before you pay up after an attack, keep in mind that there’s no guarantee you’ll receive the decryption keys. And the FBI warns that many businesses who have paid the ransom were targeted again later.

9) 20% of businesses paid more than $40,000

This is one of the more startling ransomware statistics 2016: the ransom demands have been getting much higher.

In September of last year, a study by Datto found that the average ransomware demand ranged between $500 and $2,000. But many businesses are shelling out much more. Of those who paid, IBM found, 50 percent paid more than $10,000. One in every five victims was extorted for more than $40,000.

10) Less than 25% of ransomware attacks are reported

Most businesses remain tight-lipped after an attack, often because they don’t want to attract any negative exposure that could hurt the company’s reputation. This is especially true at healthcare and financial organizations, where protecting sensitive customer data is crucial. These businesses do not want to create the image that they’ve compromised customer information, even if they haven’t. And they especially don’t want to admit to having paid a ransom to cyber-attackers.

A study found that less than one in four incidents are reported to the authorities. It’s worth noting, however, that the FBI strongly advises businesses to contact their nearest FBI field office immediately after an attack has been detected.

11) Most businesses face at least 2 days of downtime

A major data loss can cripple operations in just seconds. And if businesses don’t have an adequate recovery plan in place, that downtime is likely to be extended for several days.

One analysis found that the majority of business victims experienced at least two days of downtime. This downtime can be extremely costly. Another group calculated that each hour of inactivity costs small companies an average of $8,581 per hour.

Now, about that Good News …

Yes, there is a silver lining in all this. The threat of ransomware is forcing businesses to get serious about business continuity.

Organizations are reevaluating their cybersecurity and data-backup solutions to ensure they are properly prepared for an attack. Ransomware prevention is a two-pronged approach: 1) businesses must have dependable systems, protocols and training in place to help prevent the risk of an infection in the first place; and 2) businesses must know what they’ll do after an attack occurs, including how they’ll restore data and also how they’ll maintain operations in the meantime.

Prevention & Response

Experts have found that the only businesses who have been able to quickly resolve a ransomware attack close to 100 percent of the time are those who had dependable data recovery solutions in place.

And there are some promising new developments in this area that are already working.

“Backups are critical in ransomware recovery and response,” states the FBI. “If you are infected, a backup may be the best way to recover your critical data.”

However, many businesses are using outdated backup systems that are vulnerable to failure after a ransomware attack. One survey found that 58 percent of business victims were not able to fully restore their backups after an attack, due to “unmonitored and failed backups, loss of accessible backup drives that were also encrypted, and loss of between 1-24 hours of data from the last incremental backup snapshot.”

Early Detection & Data Rollback

Companies like Datto are addressing these issues by integrating ransomware protection into their data-backup technology. These solutions automatically detect and identify ransomware at the first sign of an attack and immediately notify administrators to revert to a healthy backup. This significantly shortens the downtime and also eliminates the need to pay the ransom.

But remember, this is just one layer of the protection needed at most businesses. Staff education is critical to ensuring good security practices throughout the organization. Anti-malware software and proper network configurations, such as user access controls, are also essential.

Get More Information

For more information on ransomware protections solutions for your organization, contact the business continuity experts at Invenio IT. Visit www.invenioIT.com, call (646) 395-1170 or email us at success@invenioIT.com.

Check out our Must Read Articles:

Tracy Rock is the Director of Marketing at Invenio IT. Tracy is responsible for all media-related initiatives as well as external communications—including, branding, public relations, promotions, advertising and social media. She is one busy lady and we are lucky to have her!

Invenio IT is the backbone for my disaster recovery solution. If I have anything wrong with my backups I am getting a call from Dale. This type of support is awesome especially when backing up 100+ servers.

Clyde Cornelius

15:08 07 Jun 18

Invenio IT has provided us with an excellent BDR solution in the Datto SIRIS. An enterprise-level solution at a reasonable cost, along with simplicity and ease-of-use, were a few items that helped us move to a Datto SIRIS.
The only surprise was the extremely detailed level of service and support we received from Invenio IT. After 20 years of IT experience as a support professional myself, I did not expect to be surprised by the sustained, over-the-top level of support and professionalism that we received from Dale and the Invenio IT team. But I was surprised, and very happily so. Actually, I couldn't be happier!

Edward Caco

15:31 05 Jun 18

The Datto Siris product works well and the web portal for management is excellent. My Invenio Rep is attentive, gets in front of issues and monitors the backup service.

Theodore Herrmann

21:35 04 Jun 18

Great product! Great Service. I was up and running in no time.

Robert Bearry

19:41 04 Jun 18

I highly recommend Invenio IT to everyone. They provide amazing customer service. They are very responsive, and quick to resolve any issues or concerns. They have been a tremendous resource for several IT projects. One product / service in particular that is an absolute must is their backup services using the Datto SIRIS. This is just one example of many that has simplified my life while giving me much improved data security. I have full confidence and peace of mind knowing my
data is secure and always available. By far the absolute best IT company I have ever dealt with.

William Porche

19:33 04 Jun 18

I am very pleased with the Datto project and support offered at Invenio IT. The professionalism and speedy response to all of my issues have been handled impeccably. I would highly recommend their services.
-Billy

Yogesh Mantri

21:09 24 May 18

We were looking for a product which will verify the backup everyday without our intervention. For our size, Datto Alto 4 by far is the best product available on the market for the up-front and recurring price. Everyday it shows that the image backup is boot-able. We did the test by visualizing the server in the cloud and connecting seven work stations to it, and it worked flawlessly.Dale from Invenio IT was there every step of the way from purchase to install to testing. He provided exceptional service. He oriented us to Datto environment very well and is always available to answer questions. Further, every day he is monitoring the backups and ensuring the success. We are very pleased with the results. Thank you Dale!

Kim Zayac

16:41 03 Nov 17

Datto/Invenio was installmental in saving my business. The SIRS had a snapshot of beginning of the day. So I was good to go in minutes with the last backup thank you invenioIT.

Rachel Leventhal

21:34 17 Aug 17

We have the Datto SIRIS through Invenio IT and we couldn't be happier. Great team with exceptional customer service. Keep up the good work!

gramfer

12:36 03 Aug 17

Invenio IT is simply awesome! I have been working with Dale for a couple of years now and the service and after sales support is great. I have submitted support requests and literally have had them resolved in under 20 minutes. That is great service!

Paul Gugel

01:23 26 Jul 17

I have a SIRIS2 backup hardware which is an outstanding product and Invenio IT is one of the best support companies out there. They keep me informed of anything that is going on with my backups.

Date Kouy

20:06 20 Jul 17

Quick response and good customer relationship. We been working with Invenio for over a year and it has been good results all around. Keep up the good work.

Grant Brown

20:34 18 Jul 17

Incredible professionalism from the Invenio staff. Hard working, a joy to do business with, and true innovators. This is a company that values its partnerships and will always do what's best for the customer.

Ron Rizzi

20:09 17 Jul 17

So... how complicated would your life be if you lost precious data files and there was no chance of recovery. Sounds scary. Yes it does. Life can be easier. You can take an associates human error of erasing or losing work or even an equipment failure that would have you work through the weekend in stride. Deploying a DATTO Sirus will protect your data locallly and in the cloud with so many easy ways to recover when the need arises. Support is excellent and reliable. Get a DATTO Sirus and rest... assured!

Jason Blair

16:51 17 Jul 17

Solid Datto support for our server systems. In the rare event there's been an issue, Invenio often knows before we do and has a fix ready. They are highly responsive to questions and keep our backup system.

Matthew Fex

16:35 17 Jul 17

The fantastic Datto SIRIS coupled with the helpful folks at Invenio IT have let me stop worrying about my backups and disaster recovery plans to focus on more important things such as my morning coffee and keeping users from destroying the network before lunch.

Gary Collier

16:11 17 Jul 17

Great partner to have. I recently joined the company I work for and found that they have a Datto backup system. I have never used the system and with the assistance of Dale at Invenio IT the learning curve has been an easy one. They typically let me know if something has gone wrong before I even knew it happened. Bottom line, outstanding support. I would highly recommend them for your IT services needs.

Gregory Carwile

16:08 17 Jul 17

Purchasing my SIRIS3 through Invenio IT has been one of the best decisions I’ve made. They always reach out to help whenever a problem arises, often before I even know there’s an issue with my backups. When my business got hit with Ransomware, I was able to restore my entire environment within a matter of hours thanks to my SIRIS3 and Invenio IT!

annmarie kotsianas

03:20 02 Jul 17

The Invenio IT staff is friendly and knowledgeable! They really know everything about the Datto SIRIS

Michael Marlin Jr.

16:50 28 Jun 17

Can't say enough about the folks at Invenio. They are experts in business continuity and a pleasure to work with!

Leander Gillard

16:19 19 May 15

Invenio IT is a great organization to work with. Their consulting and managed services are exceptional are always at the leading edge of I.T. Strategy and execution, anticipating what you need before you experience an expensive order of magnitude "issue". They lead with integrity and clear down to earth communications. Highly recommended.

Employment Employment

15:04 06 May 15

Great company medium sized organizations, handles all the management of data integrity, data redundancy/backup and all of your data management needs. I was truly lucky to have a excellent company supporting my orgazation when we did actually encounter data issues. Invenio IT was able to quickly assess and analyze the problem and then fix our issues with no down-time and little to no effect on our user base. Thank you Invenio IT.

T. Rock

14:22 06 May 15

Invenio IT has supported my business for the past few years and I have had a great experience. The staff is knowledgeable and go out of their way to make technology simple to understand. If you are in need of a strategic (and friendly) IT partner, I would consider this company.